Dangerous Concept Of DDosCoin Mining

A report that describes the potentially quite dangerous altcoin DDosCoin, has recently been published. This coins uses a principle similar to Proof-of-Work – “proof-of-DDoD” for coin mining, so miners must actually participate in DDoS-attacks on a specific webserver target.

According to the report by Eric Wustrow, University of Colorado Boulder, and graduate student at University of Michigan, Benjamin VanderSloot, titled “DDoSCoin: Cryptocurrency with a Malicious Proof-of- Work”, the malicious “proof-of-DDoS” operates by having miners create a large number of TLS connections to a target webserver, and using the server’s signed responses as proof of connection.

Defending against DDoSCoin mining

However, Eric Wustrow and Benjamin VanderSloot also offer some precautions to limit the malicious nature of DDoSCoin. For example, in order to defend themselves, webmasters of victim websites can disable TLS 1.2 entirely, and only support earlier versions such as TLS 1.0 and TLS 1.1.

“The downside of disabling support for TLS 1.2 is losing the ability to negotiate authenticated encryption cipher modes with clients, which may decrease performance of implementations that have hardware acceleration for such modes,” said Eric Wustrow and Benjamin VanderSloot in the report.

They also stated in the report:

“We believe it is important to fully disclose potential attacks, even those that require the development of an altcoin to execute. This is especially important in the face of the impending commitment to the design of TLS 1.3, and compounded by how long TLS/SSL protocol versions stay in active use.”

Experts opinion

“I am glad that ​​technically competent people are developing their ideas, but I’m not always pleased about its direction. Let me remind you that in many jurisdictions, attacks aimed to disable information systems are considered as a crime and punishable by law. I recommend not to participate in these systems, except for research purposes in their own networks. And I do not think that this way of Proof of Work will be widely used in cryptocurrency. Only as one of the tools for intruders. But cryptocurrencies doesn’t need such a proof is not needed for its work. Moreover, there are many alternatives which do not violate the laws of Proof-of-something, like Proof of Activity, Proof of Burn, Proof of Capacity, etc.”

Related Stories

The Ford Motor Company, IBM, RCS Global, Huayou Cobalt and LG Chem are considering employing blockchain to track and corroborate ethically sourced minerals. They aim at creating an open, industrywide network to track and confirm minerals and other significant materials for the automotive and consumer electronics sector in their supply chains.

Iberdrola - the Spanish public multinational electric utility major, has accomplished a project which will largely chip into speeding up the decarbonisation process by using blockchain to ensure that the energy supplied to the user is 100 percent renewable. The first test to ensure the renewable source of the energy supplied was carried out with the financial entity Kutxabank, who were able to trace the actual time that it takes a process to occur, and the source of the power supplied by Iberdrola from the generation point up to the place of consumption.